commit c48cb5e5972bbeb1cacbe37b80a3e9f8003b54b7
author Sen Jiang <senj@google.com> Thu Feb 04 16:23:21 2016 +0800
committer Sen Jiang <senj@google.com> Thu Feb 04 16:27:43 2016 +0800
tree b6db9b5f6f80dfe4b8d4a5333d851a0eb14927bf
parent e3434279c84846cfa49935638faef26ceb753b5e

Switch from mincrypt to BoringSSL in applypatch and updater.

Bug: 18790686
Change-Id: I7d2136fb39b2266f5ae5be24819c617b08a6c21e

updater/Android.mk

diff --git a/updater/Android.mk b/updater/Android.mk
index dcf4374..6fdd308 100644
--- a/updater/Android.mk
+++ b/updater/Android.mk
@@ -46,7 +46,7 @@
 
 LOCAL_STATIC_LIBRARIES += $(TARGET_RECOVERY_UPDATER_LIBS) $(TARGET_RECOVERY_UPDATER_EXTRA_LIBS)
 LOCAL_STATIC_LIBRARIES += libapplypatch libbase libedify libmtdutils libminzip libz
-LOCAL_STATIC_LIBRARIES += libmincrypt libbz
+LOCAL_STATIC_LIBRARIES += libbz
 LOCAL_STATIC_LIBRARIES += libcutils liblog libc
 LOCAL_STATIC_LIBRARIES += libselinux
 tune2fs_static_libraries := \

updater/blockimg.cpp

diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp
index c6daf7d..6e05600 100644
--- a/updater/blockimg.cpp
+++ b/updater/blockimg.cpp
@@ -43,7 +43,7 @@
 #include "applypatch/applypatch.h"
 #include "edify/expr.h"
 #include "install.h"
-#include "mincrypt/sha.h"
+#include "openssl/sha.h"
 #include "minzip/Hash.h"
 #include "print_sha1.h"
 #include "unique_fd.h"
@@ -407,10 +407,10 @@
 
 static int VerifyBlocks(const std::string& expected, const std::vector<uint8_t>& buffer,
         const size_t blocks, bool printerror) {
-    uint8_t digest[SHA_DIGEST_SIZE];
+    uint8_t digest[SHA_DIGEST_LENGTH];
     const uint8_t* data = buffer.data();
 
-    SHA_hash(data, blocks * BLOCKSIZE, digest);
+    SHA1(data, blocks * BLOCKSIZE, digest);
 
     std::string hexdigest = print_sha1(digest);
 
@@ -662,10 +662,8 @@
     // Stash directory should be different for each partition to avoid conflicts
     // when updating multiple partitions at the same time, so we use the hash of
     // the block device name as the base directory
-    SHA_CTX ctx;
-    SHA_init(&ctx);
-    SHA_update(&ctx, blockdev, strlen(blockdev));
-    const uint8_t* digest = SHA_final(&ctx);
+    uint8_t digest[SHA_DIGEST_LENGTH];
+    SHA1(reinterpret_cast<const uint8_t*>(blockdev), strlen(blockdev), digest);
     base = print_sha1(digest);
 
     std::string dirname = GetStashFileName(base, "", "");
@@ -1627,7 +1625,7 @@
     parse_range(ranges->data, rs);
 
     SHA_CTX ctx;
-    SHA_init(&ctx);
+    SHA1_Init(&ctx);
 
     std::vector<uint8_t> buffer(BLOCKSIZE);
     for (size_t i = 0; i < rs.count; ++i) {
@@ -1643,10 +1641,11 @@
                 return StringValue(strdup(""));
             }
 
-            SHA_update(&ctx, buffer.data(), BLOCKSIZE);
+            SHA1_Update(&ctx, buffer.data(), BLOCKSIZE);
         }
     }
-    const uint8_t* digest = SHA_final(&ctx);
+    uint8_t digest[SHA_DIGEST_LENGTH];
+    SHA1_Final(digest, &ctx);
 
     return StringValue(strdup(print_sha1(digest).c_str()));
 }

updater/install.cpp

diff --git a/updater/install.cpp b/updater/install.cpp
index b090869..5326b12 100644
--- a/updater/install.cpp
+++ b/updater/install.cpp
@@ -44,7 +44,7 @@
 #include "cutils/misc.h"
 #include "cutils/properties.h"
 #include "edify/expr.h"
-#include "mincrypt/sha.h"
+#include "openssl/sha.h"
 #include "minzip/DirUtil.h"
 #include "mtdutils/mounts.h"
 #include "mtdutils/mtdutils.h"
@@ -91,10 +91,10 @@
 
 // Take a sha-1 digest and return it as a newly-allocated hex string.
 char* PrintSha1(const uint8_t* digest) {
-    char* buffer = reinterpret_cast<char*>(malloc(SHA_DIGEST_SIZE*2 + 1));
+    char* buffer = reinterpret_cast<char*>(malloc(SHA_DIGEST_LENGTH*2 + 1));
     const char* alphabet = "0123456789abcdef";
     size_t i;
-    for (i = 0; i < SHA_DIGEST_SIZE; ++i) {
+    for (i = 0; i < SHA_DIGEST_LENGTH; ++i) {
         buffer[i*2] = alphabet[(digest[i] >> 4) & 0xf];
         buffer[i*2+1] = alphabet[digest[i] & 0xf];
     }
@@ -1357,8 +1357,8 @@
     if (args[0]->size < 0) {
         return StringValue(strdup(""));
     }
-    uint8_t digest[SHA_DIGEST_SIZE];
-    SHA_hash(args[0]->data, args[0]->size, digest);
+    uint8_t digest[SHA_DIGEST_LENGTH];
+    SHA1(reinterpret_cast<uint8_t*>(args[0]->data), args[0]->size, digest);
     FreeValue(args[0]);
 
     if (argc == 1) {
@@ -1366,7 +1366,7 @@
     }
 
     int i;
-    uint8_t* arg_digest = reinterpret_cast<uint8_t*>(malloc(SHA_DIGEST_SIZE));
+    uint8_t* arg_digest = reinterpret_cast<uint8_t*>(malloc(SHA_DIGEST_LENGTH));
     for (i = 1; i < argc; ++i) {
         if (args[i]->type != VAL_STRING) {
             printf("%s(): arg %d is not a string; skipping",
@@ -1375,7 +1375,7 @@
             // Warn about bad args and skip them.
             printf("%s(): error parsing \"%s\" as sha-1; skipping",
                    name, args[i]->data);
-        } else if (memcmp(digest, arg_digest, SHA_DIGEST_SIZE) == 0) {
+        } else if (memcmp(digest, arg_digest, SHA_DIGEST_LENGTH) == 0) {
             break;
         }
         FreeValue(args[i]);